Method for vehicle electronic system intrusion detection

US9787694B2 · US · B2

Patent metadata
Publication number: US-9787694-B2
Application number: US-201414278970-A
Country: US
Kind code: B2
Filing date: May 15, 2014
Priority date: May 16, 2006
Publication date: Oct 10, 2017
Grant date: Oct 10, 2017

Abstract

Official abstract text for this publication.

An embodiment is provided of a mobile router for installation in a vehicle comprising a vehicle network bus coupled to a plurality of electronic control units. The mobile router comprises: a processor; a memory comprising a plurality of programs; a wireless wide area network interface; a wireless local area network interface; and an interface to the vehicle network bus coupled to vehicle electronic control units. The processor utilizes the interface to monitor data on the vehicle network bus. The plurality of programs comprises an intrusion detection program executable by the processor to detect one or more anomalies in the monitored data; and to generate an alert upon detection of one or more anomalies.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method for providing vehicle intrusion detection for a vehicle comprising a wireless wide area network interface to access a wireless wide area network, a wireless local area network interface operable to provide a wireless local area network mobile with said vehicle, a vehicle network bus and a plurality of electronic control units each electronic control unit comprising a separate processor, a separate physical memory accessible by said separate processor, and a separate interface to said vehicle network bus, each of said electronic control units being coupled to said vehicle network bus, said method comprising:

  • providing said vehicle with a predetermined one electronic control unit of said plurality of electronic control units;

  • said predetermined electronic control unit operable to route data between one or more mobile devices located in said vehicle coupled to said wireless local area network and said wireless wide area network, operating said predetermined one electronic control unit to monitor data on said vehicle network bus;

  • storing an intrusion detection program in said separate physical memory of said predetermined one electronic control unit, said intrusion detection program executable only by said separate processor of said predetermined one electronic control unit to detect said one or more types of anomalies that are indicative of an electronic intrusion;

  • isolating said intrusion detection program to insure the integrity of said intrusion detection program, said isolating comprising utilizing one or more memory isolation approaches to isolate said intrusion detection program from all other programs in said vehicle;

  • operating said separate processor of said predetermined one electronic control unit to execute said intrusion detection program to detect one or more types of anomalies indicative of an electronic intrusion in said monitored data;

  • said one or more anomalies indicative of an electronic intrusion comprise re-flashing of an electronic control unit memory and predetermined radio frequency hub activity in said vehicle of a type that comprise attempts to determine a predetermined code assigned to said vehicle; and

  • receiving at least one of calibration information and update information for said intrusion detection program via a selected one of said wireless wide area network interface and said wireless local area network interface; and

  • operating said predetermined one electronic control unit to generate an alert of an electronic intrusion upon detection of said one or more of anomalies indicative of an electronic intrusion.

2. The method in accordance with claim 1, comprising: utilizing statistical anomaly detection to detect said one or more types of anomalies indicative of an electronic intrusion.

3. The method in accordance with claim 1, comprising: utilizing Bayes' Law to detect said one or more types of anomalies indicative of an electronic intrusion.

4. The method in accordance with claim 3, comprising: operating said predetermined one electronic control unit to transmit said alert of electronic intrusion to one of a display in said vehicle, a mobile device, and a server.

5. The method in accordance with claim 4, wherein: said vehicle network bus comprises a Controller Area Network (CAN) bus.

6. The method in accordance with claim 2, comprising: utilizing a profile of normal data on said vehicle network bus based upon learned data for said statistical anomaly detection.

7. The method in accordance with claim 6, comprising: selecting said normal data to be one or more of an amount of normal traffic, identification of normal messages, identification of normal vehicle device to device communication, and identification of normal sensor data.

8. The method in accordance with claim 1, comprising: utilizing specification based anomaly detection in said intrusion detection program.

9. The method in accordance with claim 8, comprising: operating said predetermined one electronic control unit while executing said intrusion detection program to ignore all specification compliant data on said vehicle network bus; and generating said alert of intrusion detection for data on said vehicle network bus that is not specification compliant.

10. The method in accordance with claim 9 comprising: providing said predetermined one electronic control unit with access to said wireless wide area network interface; receiving at least one of calibration information and update information for said intrusion detection program via said wireless wide area network interface.

11. The method in accordance with claim 10, comprising: operating said predetermined one electronic control unit to transmit said alert of electronic intrusion to one of a display in said vehicle, a mobile device, and a server.

12. The method in accordance with claim 11, wherein: said vehicle network bus comprises a Controller Area Network (CAN) bus.

13. The method in accordance with claim 8, comprising: utilizing said specification-based anomaly detection to detect one or more of acceleration patterns, braking patterns, original equipment manufacturer (OEM) provided patterns, counterfeit airbags, spoofing of said vehicle network bus messages, spoofing of said vehicle network bus messages and identifications, spoofing of said vehicle network bus identifications, and invalid bus identifications.

14. The method in accordance with claim 1, comprising: providing said intrusion detection program with an anomaly detection engine.

15. The method in accordance with claim 14, comprising: selecting said anomaly detection engine to comprise one of statistical anomaly detection and specification based anomaly detection.

16. The method in accordance with claim 1, comprising: operating said predetermined one electronic control unit to transmit said alert of electronic intrusion to one of a display in said vehicle, a mobile device, and a server.

17. The method in accordance with claim 1, wherein: said vehicle network bus comprises a Controller Area Network (CAN) bus.

Assignees

Lear Corp

Classifications

  • Electricity · mapped topic

  • by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title

  • specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks · CPC title

  • for vehicles, e.g. vehicle-to-pedestrians [V2P] · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Lear Corp
What technology area does this patent fall under?
Primary CPC classification H04L63/1408. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 10, 2017 (B2). Legal status and post-grant events are not shown on this page.